Attachment #35052 for bug #61184

View | Details | Raw Unified | Return to bug 61184
Collapse All | Expand All




#define KEYTYPES "RSA or DSA"
#endif

#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
/* OpenSSL Pre-1.1.0 compatibility */
/* Taken from OpenSSL 1.1.0 snapshot 20160410 */
static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)

    modssl_init_app_data2_idx(); /* for modssl_get_app_data2() at request time */

    init_dh_params();
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
    init_bio_methods();
#endif



    SSL_CTX_set_options(ctx, SSL_OP_ALL);

#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
    /* always disable SSLv2, as per RFC 6176 */
    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);



    }

#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
    free_bio_methods();
#endif
    free_dh_params();




#endif

/* session id constness */
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#define IDCONST
#else
#define IDCONST const

#if !defined(OPENSSL_NO_OCSP) && defined(SSL_CTX_set_tlsext_status_cb)
#define HAVE_OCSP_STAPLING
/* All exist but are no longer macros since OpenSSL 1.1.0 */
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
/* backward compatibility with OpenSSL < 1.0 */
#ifndef sk_OPENSSL_STRING_num
#define sk_OPENSSL_STRING_num sk_num


#endif /* !defined(OPENSSL_NO_TLSEXT) && defined(SSL_set_tlsext_host_name) */

#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
#define BN_get_rfc2409_prime_768   get_rfc2409_prime_768
#define BN_get_rfc2409_prime_1024  get_rfc2409_prime_1024
#define BN_get_rfc3526_prime_1536  get_rfc3526_prime_1536

Lines 41-47 Link Here

(-)modules/ssl/ssl_util_ssl.h.orig (-1 / +1 lines)
41	#define MODSSL_LIBRARY_VERSION OPENSSL_VERSION_NUMBER	41	#define MODSSL_LIBRARY_VERSION OPENSSL_VERSION_NUMBER
42	#define MODSSL_LIBRARY_NAME "OpenSSL"	42	#define MODSSL_LIBRARY_NAME "OpenSSL"
43	#define MODSSL_LIBRARY_TEXT OPENSSL_VERSION_TEXT	43	#define MODSSL_LIBRARY_TEXT OPENSSL_VERSION_TEXT
44	#if OPENSSL_VERSION_NUMBER < 0x10100000L	44	#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
45	#define MODSSL_LIBRARY_DYNTEXT SSLeay_version(SSLEAY_VERSION)	45	#define MODSSL_LIBRARY_DYNTEXT SSLeay_version(SSLEAY_VERSION)
46	#else	46	#else
47	#define MODSSL_LIBRARY_DYNTEXT OpenSSL_version(OPENSSL_VERSION)	47	#define MODSSL_LIBRARY_DYNTEXT OpenSSL_version(OPENSSL_VERSION)

Lines 2514-2520 int main(int argc, const char * const ar Link Here

(-)support/ab.c.orig (-1 / +1 lines)
2514	exit(1);	2514	exit(1);
2515	}	2515	}
2516	SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);	2516	SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);
2517	#if OPENSSL_VERSION_NUMBER >= 0x10100000L	2517	#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
2518	SSL_CTX_set_max_proto_version(ssl_ctx, max_prot);	2518	SSL_CTX_set_max_proto_version(ssl_ctx, max_prot);
2519	SSL_CTX_set_min_proto_version(ssl_ctx, min_prot);	2519	SSL_CTX_set_min_proto_version(ssl_ctx, min_prot);
2520	#endif	2520	#endif

Return to bug 61184

Lines 136-142 Link Here

(-)modules/ssl/ssl_private.h.orig (-3 / +3 lines)
136	#endif	136	#endif
137		137
138	/* session id constness */	138	/* session id constness */
139	#if OPENSSL_VERSION_NUMBER < 0x10100000L	139	#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
140	#define IDCONST	140	#define IDCONST
141	#else	141	#else
142	#define IDCONST const	142	#define IDCONST const
Lines 159-165 Link Here
159	#if !defined(OPENSSL_NO_OCSP) && defined(SSL_CTX_set_tlsext_status_cb)	159	#if !defined(OPENSSL_NO_OCSP) && defined(SSL_CTX_set_tlsext_status_cb)
160	#define HAVE_OCSP_STAPLING	160	#define HAVE_OCSP_STAPLING
161	/* All exist but are no longer macros since OpenSSL 1.1.0 */	161	/* All exist but are no longer macros since OpenSSL 1.1.0 */
162	#if OPENSSL_VERSION_NUMBER < 0x10100000L	162	#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
163	/* backward compatibility with OpenSSL < 1.0 */	163	/* backward compatibility with OpenSSL < 1.0 */
164	#ifndef sk_OPENSSL_STRING_num	164	#ifndef sk_OPENSSL_STRING_num
165	#define sk_OPENSSL_STRING_num sk_num	165	#define sk_OPENSSL_STRING_num sk_num
Lines 199-205 Link Here
199		199
200	#endif /* !defined(OPENSSL_NO_TLSEXT) && defined(SSL_set_tlsext_host_name) */	200	#endif /* !defined(OPENSSL_NO_TLSEXT) && defined(SSL_set_tlsext_host_name) */
201		201
202	#if OPENSSL_VERSION_NUMBER < 0x10100000L	202	#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
203	#define BN_get_rfc2409_prime_768 get_rfc2409_prime_768	203	#define BN_get_rfc2409_prime_768 get_rfc2409_prime_768
204	#define BN_get_rfc2409_prime_1024 get_rfc2409_prime_1024	204	#define BN_get_rfc2409_prime_1024 get_rfc2409_prime_1024
205	#define BN_get_rfc3526_prime_1536 get_rfc3526_prime_1536	205	#define BN_get_rfc3526_prime_1536 get_rfc3526_prime_1536

Lines 47-53 APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(ssl, Link Here

(-)modules/ssl/ssl_engine_init.c.orig (-4 / +4 lines)
47	#define KEYTYPES "RSA or DSA"	47	#define KEYTYPES "RSA or DSA"
48	#endif	48	#endif
49		49
50	#if OPENSSL_VERSION_NUMBER < 0x10100000L	50	#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
51	/* OpenSSL Pre-1.1.0 compatibility */	51	/* OpenSSL Pre-1.1.0 compatibility */
52	/* Taken from OpenSSL 1.1.0 snapshot 20160410 */	52	/* Taken from OpenSSL 1.1.0 snapshot 20160410 */
53	static int DH_set0_pqg(DH dh, BIGNUM p, BIGNUM q, BIGNUM g)	53	static int DH_set0_pqg(DH dh, BIGNUM p, BIGNUM q, BIGNUM g)
Lines 380-386 apr_status_t ssl_init_Module(apr_pool_t Link Here
380	modssl_init_app_data2_idx(); /* for modssl_get_app_data2() at request time */	380	modssl_init_app_data2_idx(); /* for modssl_get_app_data2() at request time */
381		381
382	init_dh_params();	382	init_dh_params();
383	#if OPENSSL_VERSION_NUMBER >= 0x10100000L	383	#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
384	init_bio_methods();	384	init_bio_methods();
385	#endif	385	#endif
386		386
Lines 583-589 static apr_status_t ssl_init_ctx_protoco Link Here
583		583
584	SSL_CTX_set_options(ctx, SSL_OP_ALL);	584	SSL_CTX_set_options(ctx, SSL_OP_ALL);
585		585
586	#if OPENSSL_VERSION_NUMBER < 0x10100000L	586	#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
587	/* always disable SSLv2, as per RFC 6176 */	587	/* always disable SSLv2, as per RFC 6176 */
588	SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);	588	SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
589		589
Lines 2011-2017 apr_status_t ssl_init_ModuleKill(void *d Link Here
2011		2011
2012	}	2012	}
2013		2013
2014	#if OPENSSL_VERSION_NUMBER >= 0x10100000L	2014	#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
2015	free_bio_methods();	2015	free_bio_methods();
2016	#endif	2016	#endif
2017	free_dh_params();	2017	free_dh_params();